3DSExplorer

Discussion in '3DS - ROM Hacking, Translations and Utilities' started by Red_Gh0st, Sep 20, 2011.

Sep 20, 2011

3DSExplorer by Red_Gh0st at 1:28 AM (39,385 Views / 0 Likes) 95 replies

  1. Red_Gh0st
    OP

    Member Red_Gh0st GBAtemp Regular

    Joined:
    Oct 24, 2010
    Messages:
    238
    Location:
    Puerto Rico
    Country:
    United States
    Change log

    v0.5
    new GUI now has file box
    fix for a few save files
    now can save files from save and 3ds (from 3ds still encrypted)

    http://3dbrew.org/wiki/3DSExplorer
     


  2. Seaking

    Member Seaking GBAtemp Advanced Fan

    Joined:
    Nov 26, 2010
    Messages:
    857
    Country:
    United States
    cartage only or any game in the 3DS?
     
  3. Immortal_no1

    Member Immortal_no1 GBAtemp Regular

    Joined:
    Jul 17, 2003
    Messages:
    266
    Country:
    United Kingdom
    Think only Cartridge EEPROM files

    Nice app btw,

    Samurai Warriors won't load up in the app, is it restricted to 128k files?

    I'll support you when i find any issues [​IMG]
     
  4. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    It's suppose to open:

    3ds files (with CCI ('NCSD') header and CXI ('NCCH') partitions)
    sav files (with 'SAVE' in them...encrypted and decrypted)
    tmd files (downloaded from eshop.. really early stage)

    save files still have problems because i dont fully understand the structure..
    you could check the source files at http://code.google.com/p/3dsexplorer/
    and maybe explain it to me.

    If you do:
    Don't take one save file as an example (they are different).
    For starters download the 3 encrypted files from http://3dbrew.org/wiki/Games
     
  5. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    updated to version 0.51..

    don't download v0.5 it has a big bug saving files from save partitions...
     
  6. Cyan

    Global Moderator Cyan GBATemp's lurking knight

    Joined:
    Oct 27, 2002
    Messages:
    16,416
    Location:
    Engine room, learning
    Country:
    France
    For more save files, you can also check the 3DS Save DeEncrypter topic.
    There are some posted save files in that topic (you'll have to search in all pages for links).

    I don't remember if you worked with them already, but they are also working on the save file structure.

    Thanks for 3DSexplorer, I hope you'll keep updating it with new exploits/hacks/understanding of any files structure.
     
  7. FIX94

    Global Moderator FIX94 Global Moderator

    Joined:
    Dec 3, 2009
    Messages:
    6,539
    Location:
    ???
    Country:
    Germany
    Nice program, seems like the 3ds dev scene is slowly starting [​IMG]
     
  8. lestatbytes

    Newcomer lestatbytes leaving without a trace..

    Joined:
    Aug 31, 2011
    Messages:
    54
    Location:
    UnderWorld
    Country:
    Philippines
    Thanks for this one, looking forward for new updates and new features [​IMG]
     
  9. chaosdarkneo

    Member chaosdarkneo GBAtemp Advanced Fan

    Joined:
    Sep 13, 2009
    Messages:
    530
    Country:
    United States
    This looks like it could do a lot more than you think [​IMG]
     
  10. Immortal_no1

    Member Immortal_no1 GBAtemp Regular

    Joined:
    Jul 17, 2003
    Messages:
    266
    Country:
    United Kingdom
    you can make the user interaction with the app work more fluidly by removing the message box asking if the file is encrypted or decrypted, it's not necessary, Do the following:

    1. calculate the header checksum of the data, create a CRC16 hash from the start of the file of the next (318 bytes 13Ehex) then compare that against the following 2 bytes after the 318 you just read. the result will need to be endian flipped.

    This will show a the file is a save and not just a random binary file. If the check passes then
    2. Do a search for: "53 41 56 45 00 00" which is SAVE with 2 null characters next to it, this will tell you it's decrypted save and removes some of the issues if a game randomly has the word SAVE in the encrypted file. Chances of that is extremely low.

    This will eliminate the need for the message box.
     
    1 person likes this.
  11. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    good idea.. i'll do that!

    Edit: Actually about number one... the crc is at offset 10*(filesize/0x1000-1)+8 (you forgot the blockmap size is dynamic)

    Edit2: I don't have issues if a file has the word save in it because i don't search for it...I do a jump according to the DIFI file system offset
    The SAVE should appear right after the HashTable size.
    If you search for the word save you could end up giving information about previous file tables that don't exist anymore!!
    this is still a filesystem and the garbage isn't deleted..
     
  12. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    Released v0.5.2...
    check it out!

    v0.5.2
    * tmd now works well (apperantly it was BE and not LE)
    * save classes and structure improved (code-wise)
    * no question on opening a save file rather it's encrypted or not.
    now it's autodetecting.
     
  13. Immortal_no1

    Member Immortal_no1 GBAtemp Regular

    Joined:
    Jul 17, 2003
    Messages:
    266
    Country:
    United Kingdom
    Excellent, does exactly as i dreamt it would [​IMG]
     
  14. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    Hey... You made a lot of progress in the save files business..
    Can you help me find how to save the files from the file system table.
    they don't always (or never) at the offset mentioned in 3dbrew..
     
  15. Immortal_no1

    Member Immortal_no1 GBAtemp Regular

    Joined:
    Jul 17, 2003
    Messages:
    266
    Country:
    United Kingdom
    Looking at your updates on 3dbrew have you found all the information you needed then?

    We're still a few hashes behind recreating the Save structure aren't we though? 3 More hashes to be found or are there 2 now and the other 2 aren't needed?
     
  16. Immortal_no1

    Member Immortal_no1 GBAtemp Regular

    Joined:
    Jul 17, 2003
    Messages:
    266
    Country:
    United Kingdom
    By using your updated app, you have the Hash Size which for my Super MonkeyBall is 300 0x12C and the Hash which is: 98 2F 00 F3 0B 81 41 49 B5 A4 66 C8 A3 D7 F9 3C B5 2F 5A AF 51 59 85 A1 5E 93 45 6A F1 FF 91 8E

    What data gets hashed to create that hash? as it's said that it's the first 0x12C bytes of the Active Partition (First)

    I have tried to recreate it with various CRC's but have been unable to, are you saying that you can now recreate the Hash in the DISA or just displaying it in your app?

    Fixed
     
  17. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    the Active Table is 0 meaning the second table.

    This block of 0x12C (in size) starting @ 0x330 into the image:
    Code:
    44 49 46 49 00 00 01 00 44 00 00 00 00 00 00 00 78 00 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 50 00 00 00 //DIFI
    00 00 00 00 0C 01 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 49 56 46 43 
    00 00 02 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 09 00 00 00 00 00 00 00 
    20 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 09 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 A0 01 00 00 
    00 00 00 00 0C 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 D0 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 
    78 00 00 00 00 00 00 00 44 50 46 53 00 00 01 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 
    00 00 00 00 08 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 
    00 E0 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 A0 E9 0E 3B BF 29 9B 05 54 4E CF F7 88 EB 23 53 77 E4 3A 02 
    D8 48 27 B7 44 D0 49 B1 AB 90 98 61
    Gives (SHA-2,256) : 982F00F30B814149B5A466C8A3D7F93CB52F5AAF515985A15E93456AF1FF918E
    as requested [​IMG]

    And to your other question...the hashes in the unactive table apprears to be old hashes...
     
  18. Immortal_no1

    Member Immortal_no1 GBAtemp Regular

    Joined:
    Jul 17, 2003
    Messages:
    266
    Country:
    United Kingdom
    Sorry, i was thinking of DIFI generation. I have DISA already, i went off on a wild tangent there [​IMG]

    Do you have any fresh info on the DIFI hash generation?
     
  19. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    No..nothing there...it might be the last hash.

    But my intention is: once we get all the hashes figures out.

    You could
    open a sav file (encrypted)
    extract the files from it
    change them
    replace the ones in the sav file (with the same size)
    and save the changed image.

    For this to happen
    the 3ds explorer should hash the partitions and then the disa.
    and should store the memory map, the key for recreation.

    it already stores the key and the memory map shouldn't be a problem, just make it global in the context.
    so i think the difi's hash is all weve got [​IMG] (hopefully...)

    P.S.
    A hash could be stored at the game's files also.
    so each game will have its own problems...
     
  20. elisherer

    Member elisherer I ♥ 3DS

    Joined:
    Dec 16, 2009
    Messages:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    Thanks, there was a mistake at the program... i just fixed it...
    It said "First" but it was really "Second"...

    Download again everybody...v0.55
     

Share This Page